I am a CompTIA Security+ certified cybersecurity professional building hands-on experience in vulnerability assessment, security monitoring, network defense, cloud security, web application testing, and incident analysis.
My portfolio includes practical projects using Kali Linux, pfSense, Metasploitable 2, DVWA, Nmap, Greenbone/OpenVAS, Metasploit Framework, Wireshark, Splunk, Microsoft Azure, Active Directory, and OWASP ZAP.
All security testing documented below was conducted against authorized systems in controlled lab environments.
Conducted a cloud security risk assessment of an Azure-hosted Windows Server environment.
- Assessed risks involving public RDP access, privileged accounts, patching, monitoring, and Azure permissions
- Calculated risk scores using likelihood and business impact
- Recommended controls including MFA, RBAC, restricted RDP access, patch management, and centralized logging
Performed an automated vulnerability assessment against DVWA using OWASP ZAP in an isolated VirtualBox lab.
- Identified Remote Code Execution and Source Code Disclosure findings
- Analyzed missing security headers, anti-CSRF protections, and insecure cookie settings
- Generated a professional vulnerability report with remediation recommendations
Analyzed Linux authentication logs using Python automation and Splunk SIEM.
- Investigated authentication activity and suspicious security events
- Processed log data using Python
- Created Splunk searches, dashboards, and alerts
- Documented findings in a security-analysis report
Deployed and administered an Active Directory environment hosted in Microsoft Azure.
- Configured Windows Server, Active Directory Domain Services, and DNS
- Created and managed domain users and organizational units
- Joined a Windows client to the domain
- Reviewed Windows Security events related to authentication and account activity
Performed network reconnaissance and service enumeration against a vulnerable Linux target.
- Discovered active hosts and exposed network services
- Identified operating-system and service-version information
- Analyzed open ports, legacy protocols, database services, and remote-access services
- Used Nmap NSE scripts to investigate potential vulnerabilities
Performed authorized exploitation testing against an intentionally vulnerable Metasploitable 2 target using Metasploit Framework.
- Selected and configured the DistCC remote command-execution exploit
- Executed the exploit against the vulnerable service
- Validated successful remote command access
- Documented the security impact and recommended remediation
Performed a vulnerability assessment against an intentionally vulnerable Metasploitable 2 target using Greenbone/OpenVAS.
- Identified and prioritized critical, high, medium, and low-risk vulnerabilities
- Analyzed an exposed backdoor service that allowed root-level command execution
- Reviewed affected ports, CVSS severity, security impact, and remediation
- Preserved the scan report and critical-finding evidence
Captured and analyzed ICMP and FTP traffic using Wireshark in an isolated cybersecurity lab.
- Verified network connectivity through ICMP echo requests and replies
- Inspected source and destination addresses at the packet level
- Demonstrated that FTP transmitted usernames and passwords in plaintext
- Preserved packet captures and supporting screenshots as evidence
- Splunk
- Greenbone/OpenVAS
- OWASP ZAP
- Wireshark
- Nmap
- Metasploit Framework
- Kali Linux
- Linux
- Windows Server
- Microsoft Azure
- Active Directory
- pfSense
- Oracle VirtualBox
- Metasploitable 2
- Damn Vulnerable Web Application
- TryHackMe
- Python
- GitHub
- Markdown
- Technical security reporting
- CompTIA Security+
- Security Operations Center analysis
- Vulnerability assessment and remediation
- Network traffic and log analysis
- Cloud and identity security
- Web application security
- Incident detection and investigation
- Building a professional cybersecurity portfolio